There have been reports regarding botnet scans for msgimport.sh
The file should be investigated for security breaches.

the preg_replace at get_opt seems fishy but I was not able to inject commands 
to it.

http://stateofsecurity.com/?p=550
http://isc.sans.org/diary.html?storyid=5599&rss
http://www.linode.com/forums/archive/o_t/t_3796/roundcube_webmail_scanning.html
http://zastita.com/015038/roundcube-webmail-.html
_______________________________________________
List info: http://lists.roundcube.net/dev/

Reply via email to